[KB8181] Configure the trusted zone in an ESET Endpoint Security deployment to prevent loss of network connectivity in ESET PROTECT or ESET PROTECT On-Prem

Issue

Solution

Add the IP range/subnets to the trusted zone before deploying ESET Endpoint Security

To resolve your RDP/ping issue, configure the trusted zone with the IPv4 and Remote IP addresses, ranges, masks, and subnets, including any VPN networks and all subnets inside your network. 

  1. Open ESET PROTECT or ESET PROTECT On-Prem

  2. Click Policies, select the desired Built-in policy and then click ActionsNew Policy.

    Figure 1-1

  1. Type a name for the new policy into the Name field. The Description field is optional.

    Figure 1-2

  1. Click Settings → Protections → Network access protection and click Edit next to IP sets.

    Figure 1-3

  1. Select Trusted zone and click Edit

    Figure 1-4

  1. In the Remote computer address field, add your IPv4 and Remote IP addresses, ranges, masks, and subnets, including any VPN networks and all subnets inside your network. Click Save.

    Figure 1-5

  1. Click Assign → Assign. Read more about assigning a policy to a client or a group.

  2. Select the check boxes next to separate clients or next to each static or dynamic group you want this policy assigned to and click OK.

  3. Click Finish. When the system checks into ESET PROTECT or ESET PROTECT On-Prem with the new settings, you can deploy ESET Endpoint Security to your network. 

Edit or disable Firewall rules in ESET PROTECT or ESET PROTECT On-Prem

  1. Open ESET PROTECT or ESET PROTECT On-Prem in your web browser and log in.

  2. Click Policies, select the desired Built-in policy and click ActionsNew Policy.

    Figure 2-1

  3. Type a name for the new policy into the Name field. The Description field is optional.

    Figure 2-2

  4. Click Settings → Protections → Network access protection, expand Firewall, and click Edit next to Rules.

    Figure 2-3

  1. Click More filters.

    Figure 2-4

  1. Select the check box next to Hide built-in (pre-defined) rules and click Apply.

    Figure 2-5

  2. Deselect the check boxes next to Block incoming NETBIOS requests and Block incoming RPC requests and click Save.

    Modify built-in rules to resolve RDP connection issues

    You can modify the built-in rules to troubleshoot port connection issues, such as allowing RDP for non-default or custom ports. To review the built-in rules, click the check box Show built in (predefined) rules as shown in Figure 2-2 above.

    For more information about how to modify built-in rules, visit our Online Help topic.

    Figure 2-6

  1. Click Assign → Assign. Read more about assigning a policy to a client or a group.

  2. Select the check boxes next to separate clients or next to each static or dynamic group you want this policy assigned to and click OK.

  3. Click Finish. When the system checks into ESET PROTECT or ESET PROTECT On-Prem with the new settings, you can deploy ESET Endpoint Security to your network.

Last Updated: Jan 21, 2025

Additional resources

User Guides

ESET Forum

YouTube videos
Support News Customer Advisories ESET Status Portal Contact ESET Technical Support

Existing customer?